Here’s a quick tip on how to automatically mount/unmount a SMB/CIFS Windows share on a CentOS/Fedora/RHEL server, when ever it’s accessed. This tip makes use of Linux’s automounter (autofs) & the mount (mount.cifs) command.
Here’s two examples of the prototypical command for mounting a SMB/CIFS share.
1 2 3 4 5
# example pattern #1 % mount -t cifs //[hostname]/[share] [local_mount_point] -o sec=[security_type],user=[username] # example pattern #2 % mount.cifs //[hostname]/[share] [local_mount_point] -o sec=[security_type],user=[username]
The following 2 examples show how to mount a SMB/CIFS share passing all the arguments (username, password, etc.) via a single command.
1 2 3 4 5
# real example #1 % mount.cifs //192.168.1.5/mp3s /mnt/mp3s -o sec=ntlmv2,user=joe_user # real example #2 % mount.cifs //192.168.1.5/mp3s /mnt/mp3s -o sec=ntlmv2,user=joe_user,domain=dom.local
Here’s a better method, where the username, password, etc. are stored in a separate file which is a little more secure.
1 2 3 4 5 6 7 8 9 10 11 12 13 14
# real example #3 % mount.cifs //192.168.1.5/mp3s /mnt/mp3s -o credentials=/etc/secret1.txt,sec=ntlm # /etc/secret1.txt # username=joe_user # password=joespasswd # real example #4 % mount.cifs //192.168.1.5/mp3s /mnt/mp3s -o credentials=/etc/secret2.txt,sec=ntlm # /etc/secret2.txt # username=joe_user # password=joespasswd # domain=dom.local
NOTE: You’ll want to make the credential files (secret1.txt, secret2.txt, etc.) chmod 600 to limit visibility, the password is stored in clear text!
In example #1 above, this particular server required the security method: sec=ntlmv2. The default security method is ntlm. Examples #3 & #4 show how the username/password credentials can be moved to a file for better security. NOTE: Regarding sec=… here are some other possible values.
- none attempt to connection as a null user (no name)
- krb5 Use Kerberos version 5 authentication
- krb5i Use Kerberos authentication and packet signing
- ntlm Use NTLM password hashing (default)
- ntlmi Use NTLM password hashing with signing (if /proc/fs/cifs/PacketSigningEnabled on or if server requires signing also can be the default)
- ntlmv2 Use NTLMv2 password hashing
- ntlmv2i Use NTLMv2 password hashing with packet signing
Automounting (autofs) provides the ability for resources to be mounted/unmounted based on whether they’re being used. After a period of inactivity, say 60 seconds, the automounter daemon wil unmount unused mounts. With a little work we can make it so that SMB/CIFS shares can be automounted as well. First you’ll want to make sure that autofs and samba are installed.
1 2 3 4 5
# automounter % yum install autofs # samba (client) % yum install samba-client samba-common
Next you’ll want to add an entry to the file /etc/auto.master, like so:
1 2 3 4
# file: /etc/auto.master # ... # ... /mnt/cifs_share /etc/auto.cifs --timeout=600 --ghost
Now we’ll need to create the mount point:
% mkdir /mnt/cifs_share
… and now create the file /etc/auto.cifs:
share_data -fstype=cifs,rw,noperm,credentials=/etc/credentials.txt ://192.168.1.11/share_data
And finally, create the credentials.txt file.
1 2 3
# /etc/credentials.txt username=joe_user password=joespasswd
The last step is to startup the automounter service (/etc/init.d/autofs).
% /etc/init.d/autofs start
Once done you should now be able to cd to /mnt/cifs_share/share_data.
1 2 3 4
% cd /mnt/cifs_share/share_data % pwd /mnt/cifs_share/share_data
You can confirm that the mount is being accessed correctly by checking out the list of active mounts:
1 2 3 4 5 6 7 8 9
% mount /dev/mapper/VolGroup00-LogVol00 on / type ext3 (rw) proc on /proc type proc (rw) sysfs on /sys type sysfs (rw) devpts on /dev/pts type devpts (rw,gid=5,mode=620) /dev/sda1 on /boot type ext3 (rw) tmpfs on /dev/shm type tmpfs (rw) none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw) //192.168.1.11/share_data on /mnt/cifs_share/share_data type cifs (rw,mand)
- HowTo Mout a CIFS Network Share
- Tips And Tricks – Windows Shares – CentOS Wiki
- Accessing Windows or Samba Shares using Autofs – howtoforge
- autofs with ghost option not showing wildcard mounts – serverfault
NOTE: For further details regarding my one-liner blog posts, check out my one-liner style guide primer.